VYPR

CWE-349

Acceptance of Extraneous Untrusted Data With Trusted Data

Abstraction: Base · Status: Draft

Description

The product, when processing trusted data, accepts any untrusted data that is also included with the trusted data, treating the untrusted data as if it were trusted.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-141 · CAPEC-142 · CAPEC-75

CVEs mapped to this weakness (26)

page 1 of 2
  • CVE-2026-45602 · Critical · Jun 9, 2026
    risk 0.59 · CVSS 9.1 · EPSS 0.00

    No cwe for this issue in Windows DHCP Server allows an unauthorized attacker to perform tampering over a network.

  • CVE-2026-42960 · Critical · May 20, 2026
    risk 0.58 · CVSS 10.0 · EPSS 0.00

    NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able…

  • CVE-2025-5994 · High · Jul 16, 2025
    risk 0.57 · CVSS n/a · EPSS 0.00

    A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet (ECS). Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along…

  • CVE-2018-1131 · High · May 15, 2018
    risk 0.57 · CVSS 8.8 · EPSS 0.01

    Infinispan permits improper deserialization of trusted data via XML and JSON transcoders under certain server configurations. A user with authenticated access to the server could send a malicious object to a cache configured to accept certain types of objects, achieving code…

  • CVE-2025-40778 · High · Oct 22, 2025
    risk 0.56 · CVSS 8.6 · EPSS 0.01

    Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12,…

  • CVE-2025-40776 · High · Jul 16, 2025
    risk 0.56 · CVSS 8.6 · EPSS 0.00

    A `named` caching resolver that is configured to send ECS (EDNS Client Subnet) options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1.

  • CVE-2026-32162 · High · Apr 14, 2026
    risk 0.55 · CVSS 8.4 · EPSS 0.02

    Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally.

  • CVE-2024-25638 · High · Jul 22, 2024
    risk 0.51 · CVSS 8.9 · EPSS 0.00

    dnsjava is an implementation of DNS in Java. Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. This vulnerability is fixed in 3.6.0.

  • CVE-2024-41924 · High · Jul 30, 2024
    risk 0.47 · CVSS 7.2 · EPSS 0.00

    Acceptance of extraneous untrusted data with trusted data vulnerability exists in EC-CUBE 4 series. If this vulnerability is exploited, an attacker who obtained the administrative privilege may install an arbitrary PHP package. If the obsolete versions of PHP packages are…

  • CVE-2026-35641 · High · Apr 10, 2026
    risk 0.44 · CVSS 7.8 · EPSS 0.00

    OpenClaw before 2026.3.24 contains an arbitrary code execution vulnerability in local plugin and hook installation that allows attackers to execute malicious code by crafting a .npmrc file with a git executable override. During npm install execution in the staged package…

  • CVE-2018-14773 · Medium · Aug 3, 2018
    risk 0.40 · CVSS 6.5 · EPSS 0.58

    An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. It arises from support for a (legacy) IIS header that lets users override the path in the…

  • CVE-2024-53848 · High · Nov 29, 2024
    risk 0.39 · CVSS 7.1 · EPSS 0.00

    check-jsonschema is a CLI and set of pre-commit hooks for jsonschema validation. The default cache strategy uses the basename of a remote schema as the name of the file in the cache, e.g. `https://example.org/schema.json` will be stored as `schema.json`. This naming allows for…

  • CVE-2025-11411 · Medium · Oct 22, 2025
    risk 0.37 · CVSS n/a · EPSS 0.00

    NLnet Labs Unbound up to and including version 1.24.1 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually…

  • CVE-2025-11703 · Medium · Oct 18, 2025
    risk 0.34 · CVSS 5.3 · EPSS 0.00

    The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Cache Poisoning in all versions up to, and including, 9.0.48. This is due to the plugin not serving cached data from server-side responses and instead relying on user-input. This makes it possible for…

  • CVE-2026-46342 · Medium · Jun 12, 2026
    risk 0.28 · CVSS 5.4 · EPSS 0.00

    Nuxt is an open-source web development framework for Vue.js. In Nuxt versions 3.1.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6 and @nuxt/nitro-server versions 3.20.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, the /__nuxt_island/* endpoint accepts…

  • CVE-2024-34083 · Medium · May 18, 2024
    risk 0.28 · CVSS 5.4 · EPSS 0.00

    aiosmtpd is a reimplementation of the Python stdlib smtpd.py based on asyncio. Prior to version 1.4.6, servers based on aiosmtpd accept extra unencrypted commands after STARTTLS, treating them as if they came from inside the encrypted connection. This could be exploited by a…

  • CVE-2026-44572 · Low · May 13, 2026
    risk 0.17 · CVSS 3.7 · EPSS 0.00

    Next.js is a React framework for building full-stack web applications. From 12.2.0 to before 15.5.16 and 16.2.5, an external client could send a x-nextjs-data header on a normal request to a path handled by middleware that returns a redirect. When that happened, the…

  • CVE-2026-41354 · Low · Apr 23, 2026
    risk 0.17 · CVSS 3.7 · EPSS 0.00

    OpenClaw before 2026.4.2 contains an insufficient scope vulnerability in Zalo webhook replay dedupe keys that allows legitimate events from different conversations or senders to collide. Attackers can exploit weak deduplication scoping to cause silent message suppression and…

  • CVE-2025-1680 · None · Oct 23, 2025
    risk 0.00 · CVSS n/a · EPSS 0.00

    An acceptance of extraneous untrusted data with trusted data vulnerability has been identified in Moxa’s Ethernet switches, which allows attackers with administrative privileges to manipulate HTTP Host headers by injecting a specially crafted Host header into HTTP requests…

  • CVE-2025-27415 · Mar 19, 2025
    risk 0.00 · CVSS n/a · EPSS 0.00

    Nuxt is an open-source web development framework for Vue.js. Prior to 3.16.0, by sending a crafted HTTP request to a server behind a CDN, it is possible in some circumstances to poison the CDN cache and severely impact the availability of a site. It is possible to craft a…